From patchwork Fri Aug 22 08:08:49 2014
X-Patchwork-Submitter: Peter Lieven
X-Patchwork-Id: 382097
From: Peter Lieven
To: qemu-devel@nongnu.org
Date: Fri, 22 Aug 2014 10:08:49 +0200
Message-Id: <1408694929-1771-1-git-send-email-pl@kamp.de>
Cc: kwolf@redhat.com, pbonzini@redhat.com, Peter Lieven, qemu-stable@nongnu.org, stefanha@redhat.com
Subject: [Qemu-devel] [PATCH] block/iscsi: fix memory corruption on iscsi resize

bs->total_sectors is not yet updated at this point, resulting in memory corruption if the volume has grown and data is written to the newly available areas.

CC: qemu-stable@nongnu.org
Signed-off-by: Peter Lieven
---
 block/iscsi.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/block/iscsi.c b/block/iscsi.c index a7bb697..ed883c3 100644 --- a/block/iscsi.c +++ b/block/iscsi.c 
@@ -1509,7 +1509,8 @@ static int iscsi_truncate(BlockDriverState *bs, int64_t offset) if (iscsilun->allocationmap != NULL) { g_free(iscsilun->allocationmap); iscsilun->allocationmap = - bitmap_new(DIV_ROUND_UP(bs->total_sectors, + bitmap_new(DIV_ROUND_UP(sector_lun2qemu(iscsilun->num_blocks, + iscsilun), iscsilun->cluster_sectors)); }
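Review bot: the new size argument to bitmap_new() in iscsi_truncate() is only correct if iscsilun->num_blocks already holds the post-resize capacity when this branch runs, and nothing in the hunk documents that ordering. Please add a short comment above the call saying that bs->total_sectors is still stale here (as the commit message explains) and that the map must be sized from the LUN's own block count, so a later cleanup does not switch it back. Since an undersized allocation map is what produced the memory corruption, it would also be worth moving DIV_ROUND_UP(sector_lun2qemu(iscsilun->num_blocks, iscsilun), iscsilun->cluster_sectors) into a small helper, so that any other code sizing or indexing the map derives the length from the same source.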